Jump to content

SRE/Dc-operations/Platform-specific documentation/Opengear Serial Consoles

From Wikitech
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

SRE Data Center Operations

DC Operations | About | Projects & Workboards | IRC: #wikimedia-dcops connect
HW Troubleshooting | HW Specific Documentation

  • We use the Opengear CM4148. This is the 48 port version of the serial console server.
  • It is just easier to get the maximum port model than juggle various models per datacenter deployment.
  • As a matter of course, we attach all network devices, and all power strips to the serial console in each deployment.
  • Please note caching deployments don't offer connections to power strips, only full deployment sites.

Using the Serial Console

  • SSH into the serial console in question.
  • Our naming standard depends on deployment.
  • Full deployments are scs-$rack-$site.mgmt.$site.wmnet
  • noting the rack location when we have multiple racks is just easier on folks.
  • Caching deployments are scs-$site.mgmt.$site.wmnet
  • Since caching sites usually are less than 5 racks and won't ever need more than a single serial console.
  • Once on opengear CLI, type in pmshell and hit enter.
  • All the setup ports with labels of what they are connected to will be listed, and you can enter the number of the port you wish to connect to.
  • If you already know the port # you can simply connect with pmshell port##

Administrative Actions

  • All of the actions listed below require the HTTPS web console, not the command line via SSH.

Initial Setup

  • This is done by the on-site technician for the datacenter deployment.
  • Set up your local laptop to use IP addresses within the 192.168.0.X range (leave 192.168.0.1 open, as the opengear defaults to that) with a subnet mask of 255.255.255.0 and no gateway.
    • No gateway ensures your wifi connection to internet/irc/whatever remains active and primary for that traffic.
  • Plug your laptop's network connection into the LAN port on the serial console server.
  • Open the serial console web configuration via [1]
    • You will have to accept the console's self signed certificate.
  • Login with the default user name root & the default password default
  • Upgrade the OS to the latest recommended version
  • Update the console's host name under System > Administration.
  • Update the console's password to our mgmt password under System > Administration.
  • Set the systems network settings under System > IP.
    • The information for the network settings should be attached to the setup ticket for the console in RT.
  • System: IP
    • DNS: 10.3.0.1
  • System: time
    • Timezone -> UTC
    • Enable NTP -> checked
    • NTP Server List: ntp.eqiad.wikimedia.org; ntp.codfw.wikimedia.org
  • Alerts & Logging: SNMP
    • Enable -> check
    • Location -> one of: eqiad;codfw;ulsfo;etc;etc
    • Contact -> noc@wikimedia.org
    • Read-Only Community -> SNMP secret
  • Serial & Network: Users
    • Add user:
      •   description -> rancid
      •   username -> rancid
      •   Disable Password Authentication -> check
      •   Groups -> admin
      •   Password -> generate long random string
      •   New ssh key -> rancid SSH pub key
      • Serial & Network: Authentication Configuration
      •   CLI Management Session Timeout -> 60
  • Status: Syslog:
    •   Syslog Server Address -> syslog.anycast.wmnet
  • System: services
    • Enable Telnet command shell -> uncheck
    • Enable LLDP/CDP service -> check
    • NTP Server -> verify check
    • SNMP daemon -> verify check
  • All basic networking and login should now be set. All that is left is to setup individual ports, outlined below.
  • Add device to monitoring
    • LibreNMS (https://librenms.wikimedia.org/addhost/)
    • Rancid
    • Icinga

Port / Connection Setup

  • The SCS exists on the management network, to connect to it, you must be attached to the mgmt network by physical link, or proxy.
  • Once logged in, click on Serial & Network > Serial Port
    • This lists all ports, and their labels.
  • Click Edit for the specific port, and set the port details.
    • The name must be set (or it won't show in pmshell command from cli), the ports default connection settings (no logging, 9600-8-N-1, no flow control) are appropriate for the majority of our network gear and power strips.
  • Apply/Save and the port is now setup.

Escape sequence

<enter>~~.<enter>

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=SRE/Dc-operations/Platform-specific_documentation/Opengear_Serial_Consoles&oldid=1942408"